Previous Topic: Splitting Rule SetsNext Topic: Using ACF COMPILE to Build Access Rules from a Terminal

Maintaining Access Rules with the ACF CommandHow CA ACF2 for VM Sorts Rules

How CA ACF2 for VM Sorts Rules

The CA ACF2 for VM rule compiler sorts the rule entries to ensure that
CA ACF2 for VM validates accesses properly. You can place a $NOSORT control statement in the rule set and specify $NOSORT in the RULEOPTS VMO record to prevent the compiler from sorting the rule entries. The compiler also converts all rule data into a form that CA ACF2 for VM can easily read when it validates an access request. It orders the rules according to the following criteria:

  1. DSN patterns, from most specific to most general.
  2. VOL patterns, from most specific to most general. VOL is valid only for system access rules (attachable DASD).
  3. UID patterns, from most specific to most general.
  4. PGM patterns, from most specific to most general. In VM, PGM is valid for FORMAT and DDR only.
  5. SHIFT operands, in alphabetical order, with “none specified” last.
  6. SOURCE operands, in alphabetical order, with “none specified” last.
  7. UNTIL dates, from earliest to latest.

The first rule entry that matches the actual file, UID, source, shift, program, and date being used (the defined environment) is the rule entry that determines the access privileges.